As we are monitoring the web for malware, spam and phishing, we often have to report “bad” URLs to the providers. We found some spam and phishing sites hosted by Microsofts live.com service; among other services Microsoft offers blog hosting there.

When we tried to report the abuse, this turned out to be close to impossible. See for yourself:

When trying to report an abuse, you have to fill out an online form.

Microsoft needs to know which site we want to report. Oh, and a CAPTCHA to solve to divide us from Spam-Bots.

Of course they need to know what is offensive - images, the messages...

...and we're still not done yet. Now we need to classify which kind of abuse we detected.

Finally! We can send the report. We also get a ticket-number from the support.

That is quite a torture for reporting spammers and phishers. For sure not too many people are willing to go through such a long form. On the other hand, we wanted to report a spammer’s site two weeks ago and did it this way. Until now we didn’t receive an answer.

This example shows that companies tend to make abuse-reports really complicated. It could be as easy as adding a permanent link on each live-com site which is labeled “Report Abuse” – just like the usual “Contact”-links.

Dirk Knop
Technical Editor

Sorin Mustaca
Manager International Software Development